The Parliamentary Joint Committee on Intelligence and Security (PJCIS) today released its report on the government’s proposed metadata retention laws.
The report makes a number of recommendations to revise and clarify the proposed bill, including:
offering monetary compensation for service providers to cover the costs of implementing the scheme
limiting the discretionary powers of the Attorney-General in making changes to the bill once it’s passed
preventing the stored metadata from being used as a part of civil litigation and
that more consideration is needed regarding how to protect press freedom and anonymous sources.
We asked a panel of experts to provide their thoughts on the implications of the report and its recommendations.
Angela Daly, Research Fellow in Media and Communications Law at Swinburne University of Technology
While the PJCIS’s recommendations are to be welcomed because they clarify the data retention scheme, build in some procdural safeguards and go some way to ensuring the data will be secure, serious problems remain with the scheme.
The fact that all Australians' data will be stored means this remains a mass surveillance programme which interferes with the privacy of millions of completely law-abiding people in a very intrusive and totally disproportionate way.
The doubts that international experience cast over the effectiveness of a mass data retention scheme in achieving its stated purpose (to keep Australians safe against serious crime and terrorism) have not been addressed at all.
We still do not know how much all of this will cost or precisely what data about Australian internet users will be retained, but it seems that a huge amount of money will be invested to set up a scheme which is likely to be ineffective in keeping us safe, yet will be extremely intrusive of our privacy online.
It also seems that experience from other parts of the world, especially the European Union, whose own mass data retention scheme was invalidated last year for being a disproportionate interference with the privacy of millions of law-abiding Europeans, has been completely ignored.
Ironically the UK’s data retention scheme has been pointed to in the report as representing best practice when actually it is under challenge for its incompatibility with the right to privacy.
A strong, evidence-based case for why mass data retention is necessary in Australia has still not been made. And in its absence, these data retention proposals remain an expensive, intrusive and ineffective folly for the Australian government and opposition to pursue.
Adam Henschke, Postdoctoral Research Fellow at Australian National University
Many of these recommendations seem to be reasonable. My question is focused on the statement “the Government make a substantial contribution to the upfront capital costs of service providers implementing their data retention obligations.”
I question whether the government plans to outline a similar set of surety for government/security departments. That is, the prime minister has said retention will cost approximately A$400 million per year. And if the government is making a substantial contribution, from where is that money coming?
Underpinning this concern is a question of cost-effectiveness. Given the vast cost of this program, it vital that we know how effective it is at reducing and/or investigating the serious crimes it intends to impact.
Moreover, I’d suggest that there needs to be some way of measuring this effectiveness against more traditional policing/national security activities. If it comes to light that the metadata retention is diverting a great amount of resources from more effective practices, we ought to seriously reconsider the retention of metadata.
Philip Branch, Senior Lecturer in Networking and Telecommunications at Swinburne University of Technology
The committee has recommended that the data set to be retained be listed in the primary legislation (with a mechanism for emergency and temporary inclusion for additional data items if needs be).
There’s also a recommendation that civil litigants be excluded from accessing it, restricting access for criminal investigations. The risk to journalism is also acknowledged and is to be investigated by another committee.
I think these are welcome developments, particularly including the dataset within the primary legislation. All through this whole process it has been immensely frustrating that we really don’t know what exactly is to be retained. The word “metadata” alone tells us very little.
I think that the data set needs to be made public as soon as possible and sufficient time be allowed for discussion before it be passed. I have particular concerns about the “messaging” data, but because we haven’t known what the data set is to be, all discussion so far has been built on speculation. It would be wrong to rush the bill through parliament without allowing time for proper analysis when we finally do get to know what is actually being proposed.